We’ve been asking a lot of questions about network security lately, specifically targeting those companies that are getting more involved in such things as cloud computing, software as a service (SaaS), managed services, and other areas where applications and data are more virtual and bounce around a network like digital nomads.
Most of the vendors we talk to, including those involved in very heavyweight and mission-critical applications like CRM and ERP, insist that current Internet security safeguards and firewall filters are enough to keep everything safe and secure on your WAN, LAN, PAN and so on. A representative for a very big and very well-known enterprise software company also said – quite blithely – that security is the user’s problem and not a big blip on their radar.
This attitude is surprising, given the fact that companies are expected to spend more on security software and services next year, even as the budgets for other infrastructure segments are declining as a result of the weakened economy.
Spending on security software and services is expected to outpace that for general IT, according to market researcher Gartner Inc. Software security spending is expected to grow by approximately 4% in 2010, while spending on security services is projected to grow almost 3%, Gartner reports from a survey of more than 1,000 IT professionals with worldwide budget responsibilities.
The uptick in security spending is in part being driven by a shift toward managed security services, cloud-based email/Web-security solutions, and third-party compliance-related consulting and vulnerability audits and scans, Gartner points out.
Companies looking to validate a higher budget for security spending probably don’t have to look any further than the firms in their own geographic and industry-segment backyard. In its comprehensive Data Breach Investigations Report, Verizon Business documented 90 confirmed security breaches within the businesses that employ its services, totaling roughly 285 million compromised records. Roughly 74% of these breaches came from outside sources and 20% from insiders.
The industries hardest hit by security problems include retail (31%), financial (30%), and food and beverage (14%).
“Businesses should also recognize that new threats or vulnerabilities may require security spending that exceeds the amounts allocated and should consider setting aside up to 15% of the IT security budget to address the potential risks and impact of such unforeseen issues,” said Ruggero Contu, principal research analyst at Gartner.
We couldn’t agree more, especially as more efforts are made to speed things up and boost performance in the WAN, and companies rely more on cloud-based and managed services — all areas that we will be covering more as we move toward the final quarter of 2009 and look for ways to approach networking in a more strategic and security-minded fashion in 2010.
** Gartner’s report, Security Software and Services Spending Will Outpace Other IT Spending Areas in 2010, is available for a fee on the company’s website.